"This security update resolves nine privately reported vulnerabilities
and one publicly disclosed vulnerability in Internet Explorer. The most
severe vulnerabilities could allow remote code execution if a user views
a specially crafted Web page using Internet Explorer. Users whose
accounts are configured to have fewer user rights on the system could be
less impacted than users who operate with administrative user rights."

Thanks to Kevin for the heads up.

Microsoft has deemed this patch worthy of an out of cycle update. It is
recommended that the patch be deployed as soon as possible.

Another mitigation technique would be to disable IE until a patch can be
applied.